• State Not Answered
  • Replies 1 reply
  • Subscribers 68 subscribers
  • Views 1162 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 233804
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Asymmetric encryption/decryption with public key

Unia Kuo

Hi,

I'm studying the example about the nrf_crypto for implementing asymmetric encrypt and decrypt function.

The suggestion on the Dev_Zone is to use the share key to symmetric encrypt, decrypt and DSA after finishing ECDH.

According to public-key cryptography, is there any example to demonstrate how to use the peer public key to encrypt and then decrypt only with peer secret key.

  • 0

    You can refer to the code as

    https://github.com/jimmywong2003/SES-Project-For-NRF51/blob/master/ble_app_uart_bas_ecdh_aes128/main.c

    // This is to generate the public key and shared secret key
    {
        static nrf_crypto_key_t peer_pk;

        nrf_crypto_init();

        NRF_LOG_INFO("Private Key\n");
        //NRF_LOG_HEXDUMP_INFO(m_crypto_key_sk.p_le_data, m_crypto_key_sk.len);
        
        nrf_delay_ms(1000);

        err_code = nrf_crypto_public_key_compute(NRF_CRYPTO_CURVE_SECP256R1, &m_crypto_key_sk, &m_crypto_key_pk);
        APP_ERROR_CHECK(err_code);

        NRF_LOG_INFO("Generate the Public Key\n");
        //NRF_LOG_HEXDUMP_INFO(m_crypto_key_pk.p_le_data, m_crypto_key_pk.len);

        //peer_pk.p_le_data = &p_ble_evt->evt.gap_evt.params.lesc_dhkey_request.p_pk_peer->pk[0];
        peer_pk.len = BLE_GAP_LESC_P256_PK_LEN;

        nrf_delay_ms(1000);

        memcpy(peer_pk.p_le_data, m_crypto_key_pk.p_le_data, peer_pk.len);
        err_code = nrf_crypto_shared_secret_compute(NRF_CRYPTO_CURVE_SECP256R1, &m_crypto_key_sk, &m_crypto_key_pk, &m_crypto_key_dhkey);
        APP_ERROR_CHECK(err_code);

        nrf_delay_ms(1000);

        NRF_LOG_INFO("Shared Secret Key\n");
        NRF_LOG_HEXDUMP_INFO(m_crypto_key_dhkey.p_le_data, m_crypto_key_dhkey.len);
    }


    // After get the shared secret key, it uses the ecb (AES128) for encrypt and decrypt the data
    {
        test_encrypt_decrypt_ecb();
    }
    
    
    
    static uint8_t plaintext[] = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a};
static uint8_t ciphertext[] = {0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60, 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97};

static uint8_t buffer_encrypt[16];
static uint8_t buffer_decrypt[16];

static void test_encrypt_decrypt_ecb(void)
{
  uint8_t key[] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c};
  uint8_t in[]  = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a};
  uint8_t out[] = {0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60, 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97};
  uint8_t buffer[16];

  memcpy(key, m_crypto_key_dhkey.p_le_data, 16);
  
  NRF_LOG_HEXDUMP_INFO(key, 16);

  NRF_LOG_INFO("ECB encrypt: ");

  AES128_ECB_encrypt(plaintext, key, buffer_encrypt);

  NRF_LOG_HEXDUMP_INFO(buffer_encrypt, 16);

  NRF_LOG_INFO("ECB decrypt: ");

  AES128_ECB_decrypt(buffer_encrypt, key, buffer_decrypt);

  if(0 == strncmp((char*) plaintext, (char*) buffer_decrypt, 16))
  {
    NRF_LOG_INFO("SUCCESS!\n");
  }
  else
  {
    NRF_LOG_INFO("FAILURE!\n");
  }
}

Related